Inicio Explorar Axuda
Iniciar sesión
crispAudio
/
poky
réplica de git://git.yoctoproject.org/poky
5
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: 25a8862b90
Ramas Etiquetas
poky
/
meta
/
recipes-support
/
libsoup
/
libsoup-2.4
/
CVE-2018-12910.patch

CVE-2018-12910.patch 1011 B
Histórico Raw

1234567891011121314151617181920212223242526272829303132 
  1. CVE: CVE-2018-12910
    2. 

  2. Upstream-Status: Backport
    3. 

  3. Signed-off-by: Ross Burton <ross.burton@intel.com>
    4. 

  4. 

  5. From db2b0d5809d5f8226d47312b40992cadbcde439f Mon Sep 17 00:00:00 2001
    6. 

  6. From: Michael Catanzaro <mcatanzaro@igalia.com>
    7. 

  7. Date: Sun, 24 Jun 2018 19:46:19 -0500
    8. 

  8. Subject: [PATCH] cookie-jar: bail if hostname is an empty string
    9. 

  9. 

  10. There are several other ways to fix the problem with this function, but
    11. 

  11. skipping over all of the code is probably the simplest.
    12. 

  12. 

  13. Fixes #3
    14. 

  14. ---
    15. 

  15.  libsoup/soup-cookie-jar.c | 2 +-
    16. 

  16.  1 file changed, 1 insertion(+), 1 deletion(-)
    17. 

  17. 

  18. diff --git a/libsoup/soup-cookie-jar.c b/libsoup/soup-cookie-jar.c
    19. 

  19. index 2369c8a7..b2b78909 100644
    20. 

  20. --- a/libsoup/soup-cookie-jar.c
    21. 

  21. +++ b/libsoup/soup-cookie-jar.c
    22. 

  22. @@ -307,7 +307,7 @@ get_cookies (SoupCookieJar *jar, SoupURI *uri, gboolean for_http, gboolean copy_
    23. 

  23.  
    24. 

  24.  	priv = soup_cookie_jar_get_instance_private (jar);
    25. 

  25.  
    26. 

  26. -	if (!uri->host)
    27. 

  27. +	if (!uri->host || !uri->host[0])
    28. 

  28.  		return NULL;
    29. 

  29.  
    30. 

  30.  	/* The logic here is a little weird, but the plan is that if
    31. 

  31. -- 
    32. 

  32. 2.17.1
    33.